Bug#1052159: Patch available
Daniel Teichmann
daniel.teichmann at das-netzwerkteam.de
Tue Oct 17 14:12:36 BST 2023
Hey,
The underlaying problem was that at $config->ldap->re were
LDAP\ResultEntry objects stored. They can't be serialized anymore (since
PHP8.1).
And since $ldap->re is inside of $config object, it will be written to
$_SESSION too. This fails silently (except if you call
session_write_close() somewhere).
This patch should clean up the remaining results.
--- a/html/main.php
+++ b/html/main.php
@@ -524,6 +524,9 @@
/* Show page... */
echo $display;
+/* Avoid serializing results. */
+$config->ldap->clearResult();
+
/* Save plist and config */
session::global_set('plist',$plist);
session::global_set('config',$config);
--- a/include/class_ldap.inc
+++ b/include/class_ldap.inc
@@ -475,6 +475,10 @@
if (!is_null(self::$sr[$srp]) && !is_bool(self::$sr[$srp])) {
@ldap_free_result(self::$sr[$srp]);
}
+
+ if (isset($this->re) && in_array($srp, $this->re) &&
isset($this->re[$srp])) {
+ unset($this->re[$srp]);
+ }
}
}
--- a/html/index.php
+++ b/html/index.php
@@ -380,7 +380,8 @@
stats::log('global', 'global', array(), $action = 'login',
$amount = 1, 0);
- unset($config->ldap->re); // Avoid serializing results.
+ // Avoid serializing results.
+ $config->ldap->clearResult();
session_write_close();
if (isset($plug) && isset($plist->dirlist[$plug])) {
More information about the Debian-edu-pkg-team
mailing list